CVE-2020-6116

{"id": "CVE-2020-6116", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-09-17T13:15:16.273", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1070", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1070", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-680"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-131"}, {"lang": "en", "value": "CWE-190"}, {"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.\u2019s Nitro Pro 13.13.2.242. When drawing the contents of a page using colors from an indexed colorspace, the application can miscalculate the size of a buffer when allocating space for its colors. When using this allocated buffer, the application can write outside its bounds and cause memory corruption which can lead to code execution. A specially crafted document must be loaded by a victim in order to trigger this vulnerability."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo arbitraria en la funcionalidad de renderizado de Nitro Pro de Nitro Software, Inc versi\u00f3n 13.13.2.242. Al dibujar el contenido de una p\u00e1gina usando colores de un espacio de color indexado, la aplicaci\u00f3n puede calcular inapropiadamente el tama\u00f1o de un b\u00fafer al asignar espacio para sus colores. Cuando usa este b\u00fafer asignado, la aplicaci\u00f3n puede escribir fuera de sus l\u00edmites y causar una corrupci\u00f3n de la memoria, lo que puede conllevar a una ejecuci\u00f3n de c\u00f3digo. La v\u00edctima debe cargar un documento especialmente dise\u00f1ado para desencadenar esta vulnerabilidad"}], "lastModified": "2024-11-21T05:35:08.450", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gonitro:nitro_pro:13.13.2.242:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0B9A6A1-1800-405F-8435-15AFD4FD1801"}, {"criteria": "cpe:2.3:a:gonitro:nitro_pro:13.16.2.300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1C5AA0C-F33F-4260-8CCC-82D896186225"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}